<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>用户详情</title>
</head>
<body >
	<!-- Spring Security的标签库 -->
	<sec:authorize access="hasAuthority('user')">
		<span>
		欢迎用户<sec:authentication property="principal.username"/>
		</span>
	</sec:authorize>
	<h3>权限:</h3>
	<c:forEach items="${auths }" var="a">
		<div>
		<c:out value="${a }"></c:out>
		</div>
	</c:forEach>
	
	<form name="f" method="POST" action="/logout">
		<sec:csrfInput/>
		<input type="submit" value="退出">
	</form>
</body>
</html>